Phishers posting credit card info for all to see

Started by YoKenny, Aug 11 2008 10:14 AM

No replies to this topic

Super Power User

Gender:Male
Location:Oshawa, Ont. Canada
Interests:Helping people get rid of malware on their systems then showing them how not to get re-infected again

Posted 11 August 2008 - 10:14 AM

Quote

Black Hat 2008 Day 1 – Phishers posting credit card info for all to see and a new DNS cache poisoning trick

Bad Sushi: Beating Phishers at their own game - Excellent session that went into detail on how phishers think, act, and make a profit. Nitesh Dhanjani and Billy Rios (the speakers) showed us how phishers create sites, share info and code, and basically are lazy. I will definitely be blogging on this subject in more detail in the coming days but the highlights were that Phishers are storing their stolen data (credit card numbers, SSNs, ATM cards with Pins, etc) on websites that they have hacked into or on sites like guestbooks.
Leveraging the edge: Abusing SSLVPNs (Michael Zusman) – Michael started his talk by detailing how he was able to purchase a certificate from a major CA with a FQDN of an existing fortune 500 company’s website!

"Education is what remains after one has forgotten everything he learned in school." - Albert Einstein
IE7Pro user